Microsoft on WannaCry Ransomware: Government Secrecy Led to This
The spread of the virus dubbed WannaCry had slowed but cybersecurity experts warned that new versions of the worm are likely, even as the extent of the damage caused by Friday’s attack remains unclear.
The response from governments around the world has been equally dramatic, and we’re seeing broad cooperation between governmental organizations and private business in a bid to bring the attack under control as quickly as possible.
Companies such as Nissan and FedEx admitted they were hit by the attack.
It’s called WannaCry and it’s brought computer systems from Russian Federation to China to the United Kingdom and the U.S. to their knees, locking people out of their data and demanding they pay a ransom or lose everything. In a bid to get the files decrypted, the victims are asked to pay a ransom payment, here, they are asked to pay in Bitcoins. Consequently, Microsoft should investigate the risky flaw in its system. The security patch that Microsoft released in March, named MS17-010, can be found online.
“The operating systems on our computers and software downloads are managed centrally so that regular users can not download executable files from the internet without administrative rights”, he said in an email. It has not responded to repeated requests for comment about the ransomware attack.
He said if a new variant without a “kill switch” popped up, organisations would be on their own to prevent it from taking over their computers. Microsoft requires Windows 10 customers to automatically update their computers, but some people with older PCs disabled automatic updates.
Ryan Kalember, senior vice president at Proofpoint Inc., said that millions of devices could be vulnerable if they have not applied security patches over the weekend. The topic of the webcast is “Prevention of WannaCry Ransomware Threat – session by CERT-In”, and it will start at 11AM. There are no known methods to recover files encrypted by WannaCry without giving in to the ransom. Spam wastes time and resources in so many ways.
“Clearly having the vulnerability be in Microsoft software was one of the key elements”, said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California. Turn on auto-updaters where available (Microsoft offers that option).
The NSA has also been held partly to blame for the attack because it had not alerted Microsoft about the weakness in its system until the NSA’s software that exploited it had been stolen and leaked to the public.
MAKE SAFE AND SECURE BACKUPS Once your files are encrypted, your options are limited.
So what happens if you do get infected with ransomware? Tips include updating software regularly; using anti-virus software; regularly backing up data; never clicking on unknown attachments, banners or links; consulting your anti-virus provider on instructions for removing the infection; and never paying out any money.